Systems and methods for detecting bust out fraud using credit data

ABSTRACT

Systems and methods are for, for example, predicting bust out fraud using credit bureau data. In one embodiment, credit bureau scoring models are created using credit bureau data to detect bust out fraud. The credit bureau scoring models may be then applied to consumer data to determine whether a consumer is involved in bust out fraud.

CROSS-REFERENCE TO RELATED APPLICATIONS

The present application is a continuation of U.S. application Ser. No.12/220,320, filed Jul. 23, 2008, which is hereby incorporated byreference in its entirety, including specifically but not limited to thesystems and methods relating to bust out fraud detection.

BACKGROUND

1. Field of the Invention

The disclosure relates generally to the field of financial protection.The disclosure relates specifically to the field of fraud detection.

2. Description of the Related Art

The occurrence of fraud and related dollar losses is growing because ithas been very difficult for the financial industry to detect bust outfraud using traditional fraud detection systems. Traditional frauddetection systems are typically applied in two ways: at the point ofcredit application (sometimes referred to as application fraud systems),or through ongoing monitoring by a financial institute of its consumertransactions compared against an established profile of that consumer'sbehavior (sometimes referred to as transaction fraud systems).

Application fraud systems were not designed to detect fraud that takesplace after the consumer's application is approved and credit is granted(sometimes referred to as post-book fraud); consequently, such systemsoften prove ineffective in detecting post-book fraud. For example, if aconsumer is opening an account in his/her own name intending to commitfraud in the future, application fraud systems may verify the consumer'sidentity without analyzing the likelihood of the consumer engaging infraud after the account is opened. Similarly, transaction fraud systemsare ineffective in situations when evolving types of fraud that takeadvantage of more than one financial institution.

SUMMARY OF THE DISCLOSURE

One specific type of fraud that traditional fraud systems are unable todetect is fraud that typically occurs in an organized fashion, acrossmultiple credit issuers, and involves a build-up phase of seeminglynormal consumer behavior followed by an exceedingly large number ofpurchases, cash advances, or other uses of credit, and then subsequentabandonment of the account. This fraud is sometimes referred to as bustout fraud.

Consequently, it would be advantageous to have methods and systems thatautomatically detect such fraudulent activity. In some embodiments,credit bureau scoring models are created using credit bureau data todetect bust out fraud. The credit bureau scoring models may be thenapplied to consumer data to determine whether a consumer is likelyinvolved in bust out fraud before a consumer abandons his accounts.

In one embodiment, a computer implemented method of developing a datafilter for identifying bust out fraud is disclosed. The computerimplemented method may include electronically developing a credit bureaubust out model that predicts the propensity of a consumer to be engagedin bust out fraud analyzing substantially only credit bureau data.

In another embodiment, a bust out fraud detection system is disclosed.The bust out fraud system may include a processor configured to runsoftware modules; a data storage device storing a plurality of consumerrecords, the data storage device in electronic communication with theprocessor; and a bust out module configured to identify a subset of theplurality of records from the data storage device, receive a creditbureau bust out model from a storage repository, the credit bureau bustout model predicting which consumer records are likely involved andcreated using substantially only credit bureau data, apply the creditbureau bust out model to each of the subset of the plurality of consumerrecords to generate a credit bureau bust out score for each of thesubset of the plurality of consumer records, and store in a storagerepository the credit bureau bust out score associated with the subsetof the plurality of the consumer records; and where the processor isable to run the bust out module.

In a further embodiment, a computer implemented method for generatingscores that indicate bust out fraud is provided. The computerimplemented method may include electronically identifying a plurality ofconsumer records; electronically receiving a bust out filter from astorage repository, the bust out filter created using substantially onlycredit bureau data; electronically applying the bust out filter to eachof the plurality consumer records to generate a bust out score for eachof the plurality of consumer records; and electronically storing in astorage repository the bust out score associated with each of theconsumer records.

For purposes of the summary, certain aspects, advantages and novelfeatures of the invention have been described herein. Of course, it isto be understood that not necessarily all such aspects, advantages orfeatures will be embodied in any particular embodiment of the invention.Thus, for example, those skilled in the art will recognize that theinvention may be embodied or carried out in a manner that achieves oneadvantage or group of advantages as taught herein without necessarilyachieving other advantages as may be taught or suggested herein.

BRIEF DESCRIPTION OF THE DRAWINGS

The foregoing and other features, aspects and advantages of the presentinvention are described in detail below with reference to the drawingsof various embodiments, which are intended to illustrate and not tolimit the invention. The drawings comprise the following figures.

FIG. 1 illustrates one embodiment of example scenario for detecting bustout fraud using credit bureau data.

FIG. 2 illustrates one embodiment of a computer hardware systemconfigured to run software for implementing one or more embodiments ofthe fraud detection system described herein.

FIG. 3 illustrates one embodiment of a flowchart diagram for analyzingdata to create a credit bureau bust out model using credit bureau data.

FIG. 4 illustrates one embodiment of a flowchart diagram for analyzingconsumer data to apply a credit bureau bust out model and generatecredit bureau bust out scores.

DETAILED DESCRIPTION

Embodiments of the invention will now be described with reference to theaccompanying figures, wherein like numerals refer to like elementsthroughout. The terminology used in the description presented herein isnot intended to be interpreted in any limited or restrictive manner,simply because it is being utilized in conjunction with a detaileddescription of certain specific embodiments of the invention.Furthermore, embodiments of the invention may comprise several novelfeatures, no single one of which is solely responsible for its desirableattributes or which is essential to practicing the inventions hereindescribed. In addition, it is recognized that a feature of oneembodiment may be included as a feature in a different embodiment.

Some embodiments discussed herein provide systems and methods forpredicting bust out fraud. “Bust out” fraud is a hybrid fraud and creditproblem were an individual and/or entity opens multiple lines ofcredit/accounts increases utilization and then subsequently abandons theaccounts. The line of credit/accounts may include credit cards accounts,debit card accounts, equity lines, and so forth. In one embodiment,scoring models are specifically developed to predict bust out fraudusing credit bureau data. One advantage to using credit bureau data isthat it provides information about the consumer across multiple consumeraccounts at multiple institutions. The scoring models can be applied toone or more sets of consumer data to generate a score for each consumerpredicting the likelihood that the consumer is involved in bust outfraud. The scoring models can then be used alone or in combination withother scores and credit or demographic attributes to evaluate a consumerwhen opening an account, to monitor a portfolio of consumers, and/or toweed out undesirable prospective customers. In addition, the scoringmodel may be used in an online environment or in a batch environment.

In one embodiment, the scoring model is created using “bad” creditbureau data, which includes data for accounts that were classified asbust out accounts. In some embodiments, an account is classified as abust out fraud account according to two aspects, action and intent.Example account actions include, an account balance approaching orexceeding its limit, payments with bad checks, and/or similar behavioron other accounts linked to the same account holder. Example accountactions demonstrating intent include requests for a credit limitincrease, requests for adding authorized users, frequent balanceinquiries, use of balance transfers and convenience checks, and/or beingunable to contact the account holder. In other embodiments, otherrequirements or definitions may be used to classify an account or aconsumer as a bust out account. Thus, the bad credit bureau data used tocreate the scoring module may include a variety of data including, forexample, data indicating that an account is unpaid, the account isdelinquent (for example 30⁺ days, 60⁺ days, 90⁺ days, 120⁺ days), theaccounts balance is close to or over its limit, a payment on the accounthas been returned or bounced, attempts to contact the account owner viathe providers phone number(s), address(es), and/or email address(es)have failed, and/or that similar data exists at one or more financialinstitutions. The scoring model may also be created using “good” creditbureau data, which is data from non-fraud consumers.

The scoring models may be configured in a variety of ways. For example,the scoring models may be configured to enhance the prediction of bustout fraud, to reflect current bust out fraud trends, to increase theoperational efficiency of identifying consumers that may be involved inbust out fraud, and/or to compliment existing fraud detection/preventiontools. The scoring models also may be configured to predict bust outfraud for a certain amount of time prior to the abandoning of anyaccounts, such as, for example 6 to 8 weeks, or 1 to 3 months. Inaddition, the scoring models may be configured to detect a significantportion of bust out fraud such as, for example 35%, 60%, or 78% of bustout fraud. The scoring models also may be configured designate high riskconsumers (for example, consumers with a higher score) from low riskconsumers (for example, consumers with a lower score) so that the userof the system can focus on dealing with the higher risk consumers. Thescoring model may also factor in the potential amount at risk such thatconsumers that are most likely involved in bust out fraud and that havethe highest potential collection balance are scored the highest.

The scoring models may utilize a variety of scoring methods, includingnumeric scores where the lower number indicates bust out fraud, numericscores where a higher number indicates bust out fraud, letters scores(for example A, B, C, D or F), categories (for example good, bad), andso forth.

Moreover, the scoring models may be configured to incorporateinformation on consumers that are flagged as potential “bust outs,” butdo not end up as “bust outs.” The system may use the flagging of such“false positives” to look for other potentially harmful activity and/orfurther refine the scoring model.

In some embodiments, the fraud detection system may advantageously beused alone or in combination with other scoring models and credit ordemographic attributes to analyze a portfolio of consumers orprospective consumers. In some embodiments, these scores and/orattributes may be used with customizable thresholds (for example,tolerance levels for an amount of change). For example, one scoringmodel may evaluate changes in utilization, such as a consumer's use ofcredit against maximum available credit, and detect unusual velocitysuch as the number of new accounts opened or inquiries received in acertain time frame. Attributes may include changes in demographicinformation, such as a change in address or phone number. One scoringmodel may detect a pattern of suspicious payment behaviors, such asnonpayment, delinquency, returned payment, smaller-than-usual payments,or larger-than-usual payments. Other elements of the scoring model mayinclude cross-database entity matching and pattern analysis to detectorganized and/or collusive behaviors. It is recognized that many otherattributes, scores, and/or model elements that may be used.

In general, the term “model” as used herein is a broad term, andgenerally refers without limitation to systems, devices, and methods foramplifying, selecting, filtering, excluding, predicting, and/oridentifying subsets of a dataset that are relevant, substantiallyrelevant, and/or statistically relevant to the user. In addition, theterms “consumer” and “consumers” may include applicants, customers,individuals, entities, groups of individuals, (for example, marriedcouples, domestic partners, families, co-workers, and the likes), and soforth. Furthermore, the terms “financial entity,” “credit providers,”“credit issuers,” “financial institutions,” “clients,” “utilityproviders,” “utility service providers,” “phone service providers,”“financial service providers,” are broad interchangeable terms andgenerally refer without limitation to banks, financial companies, creditunions, savings institutions, retailers, utility (for example,telecommunications, gas, electric, water, sewer, or the like) providers,bankcard issuers, credit card issuers, mortgage (for example, sub-prime)lenders, and the like.

I. Example Scenario

One example scenario will now be discussed with respect to FIG. 1, whichshows a sample embodiment for using a scoring model that predicts bustout fraud using credit bureau data.

In the example, Company A 100 is a department store that provides creditcards for a large number of consumers. However, Company A 100 has beenhaving problems with bust out accounts where several of its consumershave built up their credit, reached a maximum credit line on theiraccounts, and then abandoned their accounts. Thus, Company A 100 wantsto know before consumers abandon their accounts, whether a particularconsumer is engaging in bust out fraud. Company A's 100 own consumerdata does not provide a full picture of a consumer since the bust outbehavior may be the result of a consumer's activity at other companies,such as Company B and/or Company C. Accordingly, Company decides tocontact Credit Bureau 200 for assistance.

The Credit Bureau 200 stores data 220 about consumers, and part of thatdata includes consumer credit actitivities, balance, available creditand utilization, depth of credit experience, delinquency and derogatorystatuses on tradelines, both current and historical, derogatory publicrecords and inquiry history. The Credit Bureau 200 decides to use thisdata 220 to create a bust out model 210 that scores consumer dataindicating whether a consumer is engaged in bust out fraud. To createthe bust out model 210, the Credit Bureau 200 collects bad and good datafrom its credit bureau data 220, analyzes the data, and creates a bustout model 210 that predicts which consumers may be involved in bust outfraud.

Company A 100 then sends the Credit Bureau 200 a set of its consumerdata for Company A's 100 existing customers over the network 300. TheCredit Bureau 200 applies the bust out model 210 in batch mode toCompany A's 100 set of consumer data to determine which consumers may beinvolved in bust out fraud and creates a set of bust out score data.This bust out score data includes bust out scores along with consumeridentifiers for each score. The Credit Bureau 200 then sends the bustout score data back to Company A 100 over the network 300, and Company Auses the scores to flag existing consumers for immediate investigation.

Company A 100 may also send the Credit Bureau 200 a set of consumer datafor its prospective consumers, which are consumers Company A 100 wouldlike to send an offer of credit. The Credit Bureau 200 applies the bustout model 210 in batch mode to Company A's 100 set of consumer data todetermine which consumers may be involved in bust out fraud and createsa set of bust out scores. For this data, Company A 100 has requestedthat the Credit Bureau 200 append the scores to the set of consumerdata. Thus, Credit Bureau 200 then sends the set of consumer data, whichnow includes the scores, back to Company A 100. Company A 100 uses thescores to remove some of the consumers from the set of prospectiveconsumers since Company A 100 does not want to extend an offer of creditto a consumer who has a high likelihood to be engaged in bust out fraud.

Next, as part of its credit application process, Company A 100 sends theCredit Bureau 200 a set of consumer data for new customers that areapplying at the store for credit from Company A 100. The Credit Bureau200 then applies the bust out model 210 to the set of consumer data andsends bust out score data, which includes a score for each consumer inthe set of consumer data, back to Company A. Company A then uses thescores to decide whether to approve or deny the credit applications foreach of the consumers.

FIG. 1 and the example scenario above, provide an embodiment of usingthe systems and methods disclosed here, and are not intended to belimiting in any way.

II. Data

A. Credit Bureau Data

The scoring models are created using samples of credit bureau data usingboth bad data (for example, bust out account data) and good data (forexample, non-fraud account data). In one embodiment, the samples ofcredit bureau data include a minimum number of bad accounts, such as,for example, 100 bust out accounts, 1000 bust out accounts, 3128 bustout accounts, or 5000 bust out accounts, though the number of badaccounts included may vary. The sample of credit bureau data may alsoinclude a random sampling of non-fraud accounts or a selected samplingof non-fraud accounts. In one embodiment, non-fraud data includes creditbureau data for accounts that are not involved in bust out fraud,whereas in other embodiments, non-fraud data includes credit bureau datafor accounts that are not involved in any type of fraud. In oneembodiment, the number of non-fraud accounts is approximately 20 to13000 times the number of bad accounts.

B. Consumer Data

In some embodiments, some or all of the consumer data to be scored isreceived from a third party. The consumer data may include data for oneor more consumers and may be received in real-time or in batch format.In one embodiment, the third party sends the data in an encryptedformat, such as, for example PGP encryption, password protection usingWinZip 9.1 or higher with 256-Bit encryption, or any other encryptionscheme. In addition, the consumer data may be sent via a secureconnection, an email, File Transmission Protocol site, ConnectDirectMailbox, a disk, tape drive, zip drive, CD-ROM, and so forth.

In one embodiment, the third party providing the consumer data is thesame party that is receiving the bust out score data. It is recognizedthat in other embodiments, a different party may receive the bust outscore data than the one that submits the consumer data, and/or multipleparties may provide consumer data and/or multiple parties may receivethe bust out score data.

C. Bust Out Score Data

In one embodiment, the bust out score data includes the scores generatedby the scoring model along with corresponding identifiers for theconsumers in the set of consumers data. The bust out score data may alsoinclude reason code data that indicates factors that contributed to oneor more of the scores. The bust out score data may include data for oneor more consumer and may be sent in real-time or in batch format. Inother embodiments, the bust out score data only includes scores,includes other consumer data, and or is appended to the consumer data.

In one embodiment, the bust out score data is sent to a third party inan encrypted format, such as, for example PGP encryption, passwordprotection using WinZip 9.1 or higher with 256-Bit encryption, or anyother encryption scheme. In addition, the bust out score data may besent via a secure connection, an email, File Transmission Protocol site,ConnectDirect Mailbox, a disk, tape drive, zip drive, CD-ROM, and soforth.

III. Fraud Detection System

FIG. 2 illustrates, one embodiment of a fraud detection system 410 thatcreates scoring models using credit bureau data, where the scoringmodels predict whether a consumer will engage in bust out fraud. Thefraud detection system 410 also applies the created scoring models topredict whether a particular consumer or set of consumers are engagingin bust out fraud and scores the consumer or set of consumers toindicate whether they are likely involved in bust out fraud. Theexemplary fraud detection system 410 communicates with a third partysystem 420 via a communications medium 430 and includes a scoring module414 for creating a scoring model using credit bureau data and scoringconsumers in a data file along with a customization module 416 thatallows the third party system 420 to set preferences, thresholds and/ortolerance levels for defining “bust out” data, creating the scoringmodel, applying the scoring model, formatting the bust out score data,and setting up the data exchange. The fraud detection system 410 alsoincludes a processor (not shown) configured to run modules, such as 414and 416. The fraud detection system 410 also includes a credit bureaudatabase 500 that stores credit bureau data, such as, for example,consumer data, account data, non-fraud account data, and/or bad accountdata.

In one embodiment, the fraud detection system retrieves credit bureaudata from the credit bureau database 500 and uses that data to create ascoring model. The fraud detection system 410 then receives third partysystem 420 consumer data 425 and applies the scoring model to the thirdparty system 420 consumer data 425. In other embodiments, the frauddetection system 410 can also apply the scoring model to consumer data455 from other third party systems 450. The fraud detection system 410may also include a consumer data database 502 that stores all or asubset of the third party consumer data 425 as well as some or all ofthe bust out score data. For example, the consumer data database 502 maystore consumer identity information and a history information regardingone or more of the provided scores. It some embodiments, the frauddetection system 410 may also communicate with other systems (notshown).

IV. System Information

A. Computing Devices

In one embodiment, the fraud detection system 410 and/or the third partysystems 420, 450 run on one or more computing devices. Moreover, in someembodiments, the features of the fraud detection system 410 and/or thethird party systems 420, 450 may be available via a fully-hostedapplication service provider (ASP) that manages and providescommunication between the fraud detection system 410 and one or more ofthe third party systems 420, 450 via a web interface or other interface.In other embodiments, the fraud detection system 410 and/or the thirdparty systems 420, 450 may be available via partially-hosted ASPs orother providers. In yet further embodiments, the fraud detection system410 and/or the third party systems 420, 450 may be a client-sideinstalled solution allowing for direct communication between the frauddetection system 410 and one or more of the third party systems 420,450.

In one embodiment, the computing device is IBM, Macintosh, or Linux/Unixcompatible devices. In another embodiment, the computing devicecomprises a server, a laptop computer, a cell phone, a personal digitalassistant, a kiosk, or an audio player, for example. In one embodiment,the computing device includes one or more CPUs, which may each includemicroprocessors. The computing device may further include one or morememory devices, such as random access memory (RAM) for temporary storageof information and read only memory (ROM) for permanent storage ofinformation, and one or more mass storage devices, such as hard drives,diskettes, or optical media storage devices. In one embodiment, themodules of the computing are in communication via a standards based bussystem, such as bus systems using Peripheral Component Interconnect(PCI), Microchannel, SCSI, Industrial Standard Architecture (ISA) andExtended ISA (EISA) architectures, for example. In some embodiments,components of the computing device communicate via a network, such as alocal area network that may be secured.

The computing device is generally controlled and coordinated byoperating system software, such as the Windows 95, Windows 98, WindowsNT, Windows 2000, Windows XP, Windows Vista, Linux, SunOS, Solaris,PalmOS, Blackberry OS, or other compatible operating systems. InMacintosh systems, the operating system may be any available operatingsystem, such as MAC OS X. In other embodiments, the computing device maybe controlled by a proprietary operating system. Conventional operatingsystems control and schedule computer processes for execution, performmemory management, provide file system, networking, and I/O services,and provide a user interface, such as a graphical user interface (GUI),among other things.

The computing device may include one or more commonly availableinput/output (I/O) devices and interfaces, such as a keyboard, mouse,touchpad, microphone, and printer. Thus, in one embodiment the computingdevice may be controlled using the keyboard and mouse input devices,while in another embodiment the user may provide voice commands to thecomputing device via a microphone. In one embodiment, the I/O devicesand interfaces include one or more display device, such as a monitor,that allows the visual presentation of data to a user. Moreparticularly, a display device provides for the presentation of GUIs,application software data, and multimedia presentations, for example.The computing device may also include one or more multimedia devices,such as speakers, video cards, graphics accelerators, and microphones,for example.

In one embodiment, the computing devices include a communicationinterface to various external devices and the communications medium 430via wired or wireless communication links.

B. Data Sources

The data sources, including the consumer data 425, the credit bureaudatabase 500, and the consumer data database 502, may include one ormore internal and/or external data sources. In some embodiments, one ormore of the data sources may be implemented using a relational database,such as, for example, Sybase, Oracle, CodeBase and Microsoft® SQL Serveras well as other types of databases such as, for example, a flat filedatabase, an entity-relationship database, and object-oriented database,and/or a record-based database.

C. Modules

In general, the word “module,” as used herein, refers to logic embodiedin hardware or firmware, or to a collection of software instructions,possibly having entry and exit points, written in a programminglanguage, such as, for example, Java, C or C++. The module may include,by way of example, components, such as, for example, softwarecomponents, object-oriented software components, class components andtask components, processes, functions, attributes, procedures,subroutines, segments of program code, drivers, firmware, microcode,circuitry, data, databases, data structures, tables, arrays, andvariables. A software module may be compiled and linked into anexecutable program, installed in a dynamic link library, or may bewritten in an interpreted programming language such as, for example,BASIC, Perl, or Python. It will be appreciated that software modules maybe callable from other modules or from themselves, and/or may be invokedin response to detected events or interrupts. Software instructions maybe embedded in firmware, such as an EPROM. It will be furtherappreciated that hardware modules may be comprised of connected logicunits, such as gates and flip-flops, and/or may be comprised ofprogrammable units, such as programmable gate arrays or processors. Themodules described herein are preferably implemented as software modules,but may be represented in hardware or firmware. Generally, the modulesdescribed herein refer to logical modules that may be combined withother modules or divided into sub-modules despite their physicalorganization or storage.

D. Communications Medium

In the embodiment of FIG. 2, the communications medium 430 is one ormore networks, such as, for example, a LAN, WAN, or the Internet, forexample, via a wired, wireless, or combination of wired and wireless,communication link. The communications medium 430 communicates withvarious computing devices and/or other electronic devices via wired orwireless communication links. For example, the computing device may beconfigured to communicate with the communications medium using anycombination of one or more networks, LANs, WANs, or the Internet, forexample, via a wired, wireless, or combination of wired and wirelesscommunication links. It is also recognized that one or more the thirdparty systems 420, 450 and the fraud detection system 410 maycommunicate using two or more different types of communications mediums430, and the fraud detection system 410 may communicate with one or moreof the third party systems 420, 450 using different types ofcommunications mediums 430.

V. Flowcharts

A. Creating Bust Out Models Using Credit Data

FIG. 3 illustrates an embodiment of a flowchart showing one method (forexample, a computer implemented method) of analyzing credit bureau data(for example, bad data and good data) to create bust out models. Themethod can be performed online, in real-time, batch, periodically,and/or on a delayed basis for individual records or a plurality ofrecords. The exemplary method may be stored as a process accessible bythe scoring module 414 and/or other modules of the fraud protectionsystem 410. In different embodiments, the blocks described below may beremoved, others may be added, and the sequence of the blocks may bealtered.

With reference to FIG. 3, the method is initiated (block 509), and thefraud detection system 410 accesses bust out credit bureau data (block510). The fraud detection system 410 also accesses non-fraud creditbureau data (block 520). In an embodiment, the bust out credit bureaudata and non-fraud credit bureau data include consumer demographic,credit, and other credit bureau data (for example, historical balancedata for a period of time, credit limits data for a period of time, orthe like). Specific criteria for being categorized as a bust out datamay vary greatly and may be based on a variety of possible data typesand different ways of weighing the data. The bust out and/or non-fraudcredit bureau data may also include archived data or a random selectionof credit bureau data.

The fraud detection system 410 develops a model using the bust outcredit bureau data and the non-fraud credit bureau data (block 530),which determines whether a consumer is involved in bust out fraud. Inone embodiment, the development of the model comprises identifyingconsumer characteristics, attributes, or segmentations that arestatistically correlated (for example, a statistically significantcorrelation) with the occurrence of a bust out account. The developmentof the model may include developing a set of heuristic rules, filters,and/or electronic data screens to determine and/or identify and/orpredict which consumer profiles would be classified as a bust outaccount based on the credit bureau data. The development of the modelcan also include developing a set of heuristic rules, filters, and/orelectronic data screens to determine and/or identify and/or predictwhich data is attributable to bust out accounts based on the creditbureau data.

It is recognized that other embodiments of FIG. 3 may be used. Forexample, the method of FIG. 3 could be repeatedly performed to createmultiple bust out models, the non-fraud credit bureau data may beaccessed before the bust out credit bureau data, and/or the bust outcredit bureau data and the non-fraud credit bureau data may be accessedat the same time or in parallel.

B. Using the Bust Out Models to Score Consumer Data

FIG. 4 illustrates an embodiment of a flowchart illustrating a method ofapplying a bust out model, which was created using credit data, topredict whether a consumer to be involved in bust out fraud. Theexemplary method may be stored as a process accessible by the scoringmodule 414 and/or other components of the fraud detection system 410. Insome embodiments, the blocks described below may be removed, others maybe added, and the sequence of the blocks may be altered.

With reference to FIG. 4, the method is initiated (block 609), and thefraud detection system 410 selects or receives consumer data (block610). The consumer data includes data for one or more consumers. In someembodiments, the fraud detection system 410 may also obtain consumerdata from a third party system 420, 450 and/or the consumer datadatabase 502. The fraud detection system 410 analyzes the consumer databy applying the bust out model to the data, generates generate ascore(s) indicating the likelihood that the consumer(s) is involved inbust out fraud (block 620). The fraud detection system 410 then outputsbust out score data (block 630). The bust out score data may be sent toa third party system 420, the user, another module, another system,and/or stored in the consumer data database 502, or the like.

It is recognized that other embodiments of FIG. 4 may be used. Forexample, the method of FIG. 4 could stored the bust out score data in adatabase and/or apply additional rules such as, for example, removingdata for consumers that are not involved in bust out fraud.

VI. Additional Embodiments

Although the foregoing has been described in terms of some embodiments,other embodiments will be apparent to those of ordinary skill in the artfrom the disclosure herein. Moreover, the described embodiments havebeen presented by way of example only, and are not intended to limit thescope of the inventions. Indeed, the novel methods and systems describedherein may be embodied in a variety of other forms without departingfrom the spirit thereof. Accordingly, other combinations, omissions,substitutions, and modifications will be apparent to the skilled artisanin view of the disclosure herein.

1. A method of detecting bust out accounts, wherein bust out accountsexhibit a consumer opening one or more credit accounts across one ormore credit issuers and initially exhibiting normal consumer behaviorfollowed by a large number of purchases, cash advances, or other uses ofcredit before abandonment of the one or more accounts, the methodcomprising: accessing, by a computing system, consumer data associatedwith a consumer; accessing a bust out scoring model from a storagerepository, the bust out scoring model created using credit bureau dataand at least one consumer characteristic statistically correlated withpredicting bust out accounts; and periodically applying, using thecomputing system, the bust out scoring model to the consumer data of theconsumer to generate a bust out score for the consumer, wherein theperiodically applying the bust out scoring model comprises performingthe following method on a periodic basis: accessing, by the computersystem, updated consumer data associated with the consumer; applying, bythe computer system, the bust out scoring model to the updated consumerdata to generate the bust out score for the consumer; determining, bythe computer system, whether the updated consumer data exhibitscharacteristics of bust out accounts by comparing the bust out score toa threshold level; and in response to the determining that the bust outscore associated with the consumer is below the threshold level,providing, by the computing system, an indication to a user indicatingthat no bust out account has been detected; in response to thedetermining that the bust out score associated with the consumer is ator above the threshold level, providing, by the computing system, anindication to the user indicating that a potential bust out account hasbeen detected.
 2. A method of detecting bust out accounts, wherein bustout accounts exhibit a consumer opening one or more credit accountsacross one or more credit issuers and initially exhibiting normalconsumer behavior followed by a large number of purchases, cashadvances, or other uses of credit before abandonment of the one or moreaccounts, the method comprising: accessing, by a computing system,consumer data associated with a consumer; accessing a bust out scoringmodel from a storage repository, the bust out scoring model createdusing credit bureau data and at least one consumer characteristicstatistically correlated with predicting bust out accounts; andperiodically applying, using the computing system, the bust out scoringmodel to the consumer data of the consumer to generate a bust out scorefor the consumer, wherein the periodically applying the bust out scoringmodel comprises performing the following method on a periodic basis:accessing, by the computer system, updated consumer data associated withthe consumer; applying, by the computer system, the bust out scoringmodel to the updated consumer data to generate the bust out score forthe consumer, wherein the bust out score is configured for comparison toa threshold level in order to determine whether the updated consumerdata exhibits characteristics of bust out accounts.
 3. The method ofdetecting bust out accounts of claim 2, further comprising: receivingthe consumer data from a third party, wherein the comparison to thethreshold level is performed by the third party.
 4. The method ofdetecting bust out accounts of claim 2, wherein the comparison isperformed by the computer system.
 5. The method of detecting bust outaccounts of claim 2, wherein the periodically applying furthercomprises: in response to determining that the bust out score associatedwith the consumer is below the threshold level, transmitting, by thecomputing system, an electronic communication to a second computingsystem indicating that no bust out account has been detected; and inresponse to determining that the bust out score associated with theconsumer is at or above the threshold level, transmitting, by thecomputing system, an electronic communication to the second computingsystem indicating that a potential bust out account has been detected.6. The method of detecting bust out accounts of claim 2, wherein theconsumer data is related to a prospective consumer that may be approvedfor credit.
 7. The method of detecting bust out accounts of claim 2,wherein the bust out scoring model predicts fraud one to three monthsbefore abandonment of the bust out account.
 8. The method of detectingbust out accounts of claim 2, wherein bust out accounts arecharacterized by the consumer performing at least one or more actionsand demonstrating one or more indications of intent to commit bust outfraud, wherein the one or more actions comprise an account balanceapproaching or exceeding the account limit, or payments with bad checks,and wherein the one or more indications of intent comprise requests forcredit limit increase, requests for adding authorized users, frequentbalance inquiries, use of balance transfers and convenience checks, orthe one or more credit issuers being unable to contact the consumer. 9.The method of detecting bust out accounts of claim 2, wherein the bustout score accounts for a velocity of account utilization changes over aperiod of time, wherein the velocity of account utilization changescomprises one or more of: non-payments, delinquency, returned payment,smaller-than-usual payment, or larger-than-usual payments.
 10. Themethod of detecting bust out accounts of claim 2, wherein the one ormore credit accounts comprise at least one of a credit card account, adebit card account, or an equity line of credit.
 11. A bust out accountsdetection system, wherein bust out accounts exhibit a consumer openingone or more credit accounts across one or more credit issuers andinitially exhibiting normal consumer behavior followed by a large numberof purchases, cash advances, or other uses of credit before abandonmentof the one or more accounts, the system comprising: a computer processorconfigured to execute modules comprising at least: a data acquisitionmodule configured to periodically access consumer data associated with aconsumer; a bust out fraud detection module configured to access a bustout scoring model from a storage repository and to periodically applythe bust out scoring model to the consumer data to generate a bust outscore for the consumer, the bust out scoring model created using creditbureau data and at least one consumer characteristic statisticallycorrelated with predicting bust out accounts; and a reporting moduleconfigured to perform the following method on a periodic basis:accessing through the data acquisition module updated consumer dataassociated with the consumer; applying through the bust out frauddetection module the bust out scoring model to the updated consumer datato generate the bust out score for the consumer, wherein the bust outscore is configured for comparison to a threshold level in order todetermine whether the consumer data exhibits characteristics of bust outaccounts.
 12. The bust out accounts detection system of claim 11,wherein the data acquisition module is further configured to receive theconsumer data from a third party, wherein the comparison to thethreshold level is performed by the third party.
 13. The bust outaccounts detection system of claim 11, wherein the comparison isperformed by the reporting module.
 14. The bust out accounts detectionsystem of claim 11, wherein the reporting module is further configuredto: in response to determining that the bust out score associated withthe consumer is below the threshold level, transmitting a firstindication to a second computing system indicating that no bust outaccount has been detected; and in response to determining that the bustout score associated with the consumer is at or above the thresholdlevel, transmitting a second indication to the second computing systemindicating that a potential bust out account has been detected.
 15. Thebust out account detection system of claim 11, wherein the consumer datais related to a prospective consumer that may be approved for credit.16. The bust out account detection system of claim 11, wherein bust outaccounts are characterized by the consumer performing at least one ormore actions and demonstrating one or more indications of intent tocommit bust out fraud, wherein the one or more actions comprise anaccount balance approaching or exceeding the account limit, or paymentswith bad checks, and wherein the one or more indications of intentcomprise requests for credit limit increase, requests for addingauthorized users, frequent balance inquiries, use of balance transfersand convenience checks, or the one or more credit issuers being unableto contact the consumer.
 17. The bust out account detection system ofclaim 11, wherein the bust out score accounts for a velocity of accountutilization changes over a period of time, and wherein the velocity ofaccount utilization changes comprises one or more of: non-payments,delinquency, returned payment, smaller-than-usual payment, orlarger-than-usual payments.
 18. The bust out account detection system ofclaim 11, wherein the one or more credit accounts comprise at least oneof a credit card account, a debit card account, or an equity line ofcredit.